github mastodon/mastodon v4.1.24
on GitHub

latest releases: v4.3.6, v4.2.19
5 days ago

Mastodon

Caution

The 4.1.x branch will not receive any update—including security fixes—after 2025/04/08.

Warning

This includes important security fixes for everyone using SAML single-sign-on. We recommend upgrading to Mastodon 4.2 or 4.3 (see caution below) but if you are stuck on 4.1 and use SAML, you should at least update to this version.

Corresponding releases are available for the 4.3.x branch and the 4.2.x branch.

Caution

One of our dependencies has a known security vulnerability which Mastodon may be exposed to when using SAML for external authentication. If you are using SAML, we urge you to update to Mastodon 4.2 or 4.3.

Changelog

Security

  • Update dependencies

Fixed

Upgrade notes

To get the code for v4.1.24, use git fetch && git checkout v4.1.24.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Important

Since v4.1.18, Mastodon is now performing stricter checks to prevent client IP address spoofing. This means that if one of your reverse proxy is not on Mastodon's local network, you will need to set TRUSTED_PROXY_IP accordingly, listing the IP address of every trusted reverse-proxy (including local network ones). See the documentation for more information.

Dependencies

Warning

The minimum required Ruby version has been bumped to 3.0 in Mastodon v4.1.14.

External dependencies have not changed compared to v4.1.14, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:

  • Ruby: 3.0
  • PostgreSQL: 9.5 or newer
  • Elasticsearch (optional, for full-text search): 7.x
  • Redis: 4 or newer
  • Node: >= 14, < 18
  • ImageMagick: 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.1.23.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations.

Non-Docker only:

  1. Install dependencies: bundle install

Both Docker and non-Docker:

  1. Restart all Mastodon processes
Check out latest releases or
releases around mastodon/mastodon v4.1.24

Don't miss a new mastodon release

NewReleases is sending notifications on new releases.

Get notifications